Enhancements and resolved issues in PingFederate 11.2.4.
Base DN reference attribute
We've fixed an issue where upstream data stores in the chain could not recognize the reference attribute for base distinguished name (DN) during lookup.
Identity store provisioner validation rules
We've improved validation rules to ensure that only identity store provisioners that support groups require group attribute contract validation.
DCR with client secret retention
We've resolved a null pointer exception (NPE) error that occurred when attempting to set up Dynamic Client Registration (DCR) with client secret retention.
Response handling logs
We've added additional logging to help debug unexpected errors in response handling.
OIDC policies with fragments configured
We've resolved an issue that occurred when saving OpenID Connect (OIDC) policies with fragments configured.
LDAP filter validation
HSM key sessions
We’ve improved the process of cluster replication for PingFederate integrated with AWS CloudHSM by purging HSM key pair generation sessions.